package com.dmz.oauth2.provider;

import org.springframework.context.MessageSource;
import org.springframework.context.MessageSourceAware;
import org.springframework.context.support.MessageSourceAccessor;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.SpringSecurityMessageSource;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.util.StringUtils;

import com.dmz.oauth2.service.RicoInfoService;
import com.dmz.oauth2.token.authentication.TokenAuthenticationToken;

/**
 * 自定义手机模式的提供者
 * 判断token类型是否为PhoneAndPasswordAuthenticationToken,如果是则会使用此provider
 */

public class RicoAuthenticationProvider implements AuthenticationProvider, MessageSourceAware {

    private MessageSourceAccessor messages = SpringSecurityMessageSource.getAccessor();
    
    private RicoInfoService ricoInfoService;
    
    @Override
    public void setMessageSource(MessageSource messageSource) {
        this.messages = new MessageSourceAccessor(messageSource);
    }


    /**
     * 业务处理的方法
     * @param authentication
     * @return
     * @throws AuthenticationException
     */
    @Override
    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        //未认证之前是手机号 认证之后是客户信息
        String principal =(String) authentication.getPrincipal();
        if (StringUtils.isEmpty(principal)){
            throw  new BadCredentialsException("手机号不能为空");
        }
        // 这里的Credentials是先通过AbstractTokenGranter组装  new MobileCodeAuthenticationToken()传入的
        String code = (String) authentication.getCredentials();
        if (code == null) {
            throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "手机验证码不能为空"));
        }
        UserDetails user;
        try {
            user = (UserDetails)ricoInfoService.loadUserByUsername(principal);
        } catch (UsernameNotFoundException var6) {
           throw new BadCredentialsException(this.messages.getMessage("AbstractUserDetailsAuthenticationProvider.badCredentials", "查询用户信息失败!"));
        }
        TokenAuthenticationToken authenticationToken = new TokenAuthenticationToken(user, code, user.getAuthorities());
        authenticationToken.setDetails(authenticationToken.getDetails());
        return authenticationToken;
    }

  
    /**
     * 判断是否为MobileCodeAuthenticationToken类型  如果是 直接调用 切断过滤器链
     * 如果不是 继续查找
     * @param authentication
     * @return
     */
    @Override
    public boolean supports(Class<?> authentication) {
        return TokenAuthenticationToken.class.isAssignableFrom(authentication);
    }


	public RicoInfoService getRicoInfoService() {
		return ricoInfoService;
	}


	public void setRicoInfoService(RicoInfoService ricoInfoService) {
		this.ricoInfoService = ricoInfoService;
	}
    
}